The MPlayer Project v1.5 was discovered to contain a heap use-after-free resulting in a double free in the preinit function at libvo/vo_v4l2.c. This vulnerability can lead to a Denial of Service (DoS) via a crafted file.
The sole reference 404s for me. No idea if this is real, reported
upstream, or patched at all. Not sure how MITRE handled this.
Created attachment 812869
Yes, it is real. MITRE didn't reply to my email with the updated link. Here is the PoC. It is also on GitHub repo b17fr13nds/MPlayer_cve_poc
(In reply to BitFriends from comment #2)
> Yes, it is real. MITRE didn't reply to my email with the updated link. Here
> is the PoC. It is also on GitHub repo b17fr13nds/MPlayer_cve_poc
Have you reported it upstream?
The bug has been referenced in the following commit(s):
Author: Sam James <email@example.com>
AuthorDate: 2022-12-24 10:16:46 +0000
Commit: Sam James <firstname.lastname@example.org>
CommitDate: 2022-12-24 10:19:57 +0000
media-video/mplayer: add 1.5
Unclear if anything happened with security bug #858107 though.
Signed-off-by: Sam James <email@example.com>
media-video/mplayer/Manifest | 1 +
media-video/mplayer/mplayer-1.5.ebuild | 627 ++++++++++++++++++++++++++++++++
media-video/mplayer/mplayer-9999.ebuild | 378 ++++++++++---------
3 files changed, 829 insertions(+), 177 deletions(-)
Well, I can't reproduce.
Reporter: please don't waste everyone's time by requesting CVEs without reporting upstream.